Fixed insecure temporary file creation

author: Mamoru Komachi <usata@gentoo.org> 2003-07-13 10:03:49 +0000
committer: Mamoru Komachi <usata@gentoo.org> 2003-07-13 10:03:49 +0000
commit: f17e37f9780c381e8f29db858d7d787ceabcbf59 (patch)
tree: 0004fab2d4bd0b9a7e89297f99a875963d7cb647 /app-emacs/semi
parent: Fixed insecure temporary file creation (diff)
download: gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.tar.gz
gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.tar.bz2
gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.zip
5 files changed, 304 insertions, 3 deletions
diff --git a/app-emacs/semi/ChangeLog b/app-emacs/semi/ChangeLog
index 7150816998e9..041ad77b77fb 100644
--- a/app-emacs/semi/ChangeLog
+++ b/app-emacs/semi/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for app-emacs/semi
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-emacs/semi/ChangeLog,v 1.3 2003/02/12 03:55:54 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-emacs/semi/ChangeLog,v 1.4 2003/07/13 10:03:40 usata Exp $
+
+*semi-1.14.5-r1 (13 Jul 2003)
+
+  13 Jul 2003; Mamoru KOMACHI <usata@gentoo.org> semi-1.14.5-r1.ebuild,
+  files/semi-1.14.5-gentoo.diff:
+  Security fix, insecure temporary file problem as described in
+  http://www.debian.org/security/2003/dsa-339
+  In order to fix the problem, apel's version in DEPEND list bumped.
+  Corrected a typo in dodoc.
 
 *semi-1.14.5 (31 Oct 2002)
 
diff --git a/app-emacs/semi/Manifest b/app-emacs/semi/Manifest
index cff3d241c21f..902b4282ca92 100644
--- a/app-emacs/semi/Manifest
+++ b/app-emacs/semi/Manifest
@@ -1,7 +1,7 @@
-MD5 855ca2c90bb8b1f220a7d6dcd074f259 ChangeLog 601
+MD5 ed401337701ea19781c6ec05b85c1465 ChangeLog 945
 MD5 a6b611137a3f715aeb124a061a2e27b9 semi-1.14.4.ebuild 1233
 MD5 086d14f24d54abc410bb31572cb95c24 semi-1.14.5.ebuild 1226
-MD5 1612943cafd0ff277d66ed68827f521b semi-1.14.5-r1.ebuild 1220
+MD5 e1ca6101d5e0a9a0da1b0e17cb3b9b2c semi-1.14.5-r1.ebuild 1318
 MD5 781c5cb096bb939976cd2ae5cce4bb3e files/65semi-gentoo.el 104
 MD5 aab1dec0e3e2df3425df8cdba5422544 files/digest-semi-1.14.4 63
 MD5 04cae8ef4d6e71949cce7410e9fc0f3d files/digest-semi-1.14.5 63
diff --git a/app-emacs/semi/files/digest-semi-1.14.5-r1 b/app-emacs/semi/files/digest-semi-1.14.5-r1
new file mode 100644
index 000000000000..0c971a29c4fc
--- /dev/null
+++ b/app-emacs/semi/files/digest-semi-1.14.5-r1
@@ -0,0 +1 @@
+MD5 729ceb05114efdff71feb57916579831 semi-1.14.5.tar.gz 137993
diff --git a/app-emacs/semi/files/semi-1.14.5-gentoo.diff b/app-emacs/semi/files/semi-1.14.5-gentoo.diff
new file mode 100644
index 000000000000..87d89b369e76
--- /dev/null
+++ b/app-emacs/semi/files/semi-1.14.5-gentoo.diff
@@ -0,0 +1,236 @@
+diff -u -r1.2.2.4 -r1.2.2.8
+--- pgg-gpg.el	25 Dec 2000 04:58:07 -0000	1.2.2.4
++++ pgg-gpg.el	9 Jun 2003 14:41:04 -0000	1.2.2.8
+@@ -60,16 +60,17 @@
+ 	    (luna-make-entity 'pgg-scheme-gpg))))
+ 
+ (defun pgg-gpg-process-region (start end passphrase program args)
+-  (let* ((output-file-name
+-	  (concat temporary-file-directory (make-temp-name "pgg-output")))
++  (let* ((output-file-name (make-temp-file
++			    (expand-file-name "pgg-output"
++					      temporary-file-directory)))
+ 	 (args
+ 	  `("--status-fd" "2"
+ 	    ,@(if passphrase '("--passphrase-fd" "0"))
++	    "--yes" ; overwrite
+ 	    "--output" ,output-file-name
+ 	    ,@pgg-gpg-extra-args ,@args))
+ 	 (output-buffer pgg-output-buffer)
+ 	 (errors-buffer pgg-errors-buffer)
+-	 (orig-mode (default-file-modes))
+ 	 (process-connection-type nil)
+ 	 process status exit-status)
+     (with-current-buffer (get-buffer-create errors-buffer)
+@@ -77,7 +78,6 @@
+       (erase-buffer))
+     (unwind-protect
+ 	(progn
+-	  (set-default-file-modes 448)
+ 	  (setq process
+ 		(apply #'binary-to-text-funcall
+ 		       pgg-gpg-messages-coding-system
+@@ -107,8 +107,7 @@
+       (if (and process (eq 'run (process-status process)))
+ 	  (interrupt-process process))
+       (if (file-exists-p output-file-name)
+-	  (delete-file output-file-name))
+-      (set-default-file-modes orig-mode))))
++	  (delete-file output-file-name)))))
+ 
+ (defun pgg-gpg-possibly-cache-passphrase (passphrase)
+   (if (and pgg-cache-passphrase
+diff -u -r1.2.2.4 -r1.2.2.5
+--- pgg-pgp5.el	26 Dec 2000 10:23:01 -0000	1.2.2.4
++++ pgg-pgp5.el	15 May 2003 14:44:43 -0000	1.2.2.5
+@@ -83,9 +83,7 @@
+ 	    (luna-make-entity 'pgg-scheme-pgp5))))
+ 
+ (defun pgg-pgp5-process-region (start end passphrase program args)
+-  (let* ((errors-file-name
+-	  (concat temporary-file-directory
+-		  (make-temp-name "pgg-errors")))
++  (let* ((errors-file-name (make-temp-file "pgg-errors"))
+ 	 (args
+ 	  (append args
+ 		  pgg-pgp5-extra-args
+@@ -204,8 +202,7 @@
+ 
+ (luna-define-method pgg-scheme-verify-region ((scheme pgg-scheme-pgp5)
+ 					      start end &optional signature)
+-  (let* ((basename (expand-file-name "pgg" temporary-file-directory))
+-	 (orig-file (make-temp-name basename))
++  (let* ((orig-file (make-temp-file "pgg"))
+ 	 (args '("+verbose=1" "+batchmode=1" "+language=us"))
+ 	 (orig-mode (default-file-modes)))
+     (unwind-protect
+@@ -239,8 +236,7 @@
+ (luna-define-method pgg-scheme-snarf-keys-region ((scheme pgg-scheme-pgp5)
+ 						  start end)
+   (let* ((pgg-pgp5-user-id (or pgg-pgp5-user-id pgg-default-user-id))
+-	 (basename (expand-file-name "pgg" temporary-file-directory))
+-	 (key-file (make-temp-name basename))
++	 (key-file (make-temp-file "pgg"))
+ 	 (args
+ 	  (list "+verbose=1" "+batchmode=1" "+language=us" "-a"
+ 		key-file)))
+diff -u -r1.2.2.3 -r1.2.2.4
+--- smime.el	25 Dec 2000 05:03:48 -0000	1.2.2.3
++++ smime.el	15 May 2003 14:44:43 -0000	1.2.2.4
+@@ -193,9 +193,7 @@
+ 	(pop files)))))
+ 
+ (defun smime-process-region (start end program args)
+-  (let* ((errors-file-name
+-	  (concat temporary-file-directory 
+-		  (make-temp-name "smime-errors")))
++  (let* ((errors-file-name (make-temp-file "smime-errors"))
+ 	 (args (append args (list (concat "2>" errors-file-name))))
+ 	 (shell-file-name smime-shell-file-name)
+ 	 (shell-command-switch smime-shell-command-switch)
+@@ -297,8 +295,7 @@
+   "Verify the current region between START and END.
+ If the optional 3rd argument SIGNATURE is non-nil, it is treated as
+ the detached signature of the current region."
+-  (let* ((basename (expand-file-name "smime" temporary-file-directory))
+-	 (orig-file (make-temp-name basename))
++  (let* ((orig-file (make-temp-file "smime"))
+ 	 (orig-mode (default-file-modes)))
+     (unwind-protect
+ 	(progn
+diff -u -r1.47 -r1.47.2.1
+--- mime-pgp.el	24 Nov 2000 12:32:57 -0000	1.47
++++ mime-pgp.el	15 May 2003 14:44:43 -0000	1.47.2.1
+@@ -141,8 +141,7 @@
+ 		   (1- knum)
+ 		 (1+ knum)))
+ 	 (orig-entity (nth onum (mime-entity-children mother)))
+-	 (basename (expand-file-name "tm" temporary-file-directory))
+-	 (sig-file (concat (make-temp-name basename) ".asc"))
++	 (sig-file (make-temp-file "tm" nil ".asc"))
+ 	 status)
+     (save-excursion 
+       (mime-show-echo-buffer)
+@@ -219,8 +218,7 @@
+ 		   (1- knum)
+ 		 (1+ knum)))
+ 	 (orig-entity (nth onum (mime-entity-children mother)))
+-	 (basename (expand-file-name "tm" temporary-file-directory))
+-	 (sig-file (concat (make-temp-name basename) ".asc"))
++	 (sig-file (make-temp-file "tm" nil ".asc"))
+ 	 status)
+     (save-excursion 
+       (mime-show-echo-buffer)
+diff -u -r1.85.2.8 -r1.85.2.11
+--- mime-play.el	11 Nov 2002 04:39:54 -0000	1.85.2.8
++++ mime-play.el	15 May 2003 14:44:43 -0000	1.85.2.11
+@@ -141,11 +141,10 @@
+ (defun mime-activate-mailcap-method (entity situation)
+   (let ((method (cdr (assoc 'method situation)))
+ 	(name (mime-entity-safe-filename entity)))
+-    (setq name
+-	  (if (and name (not (string= name "")))
+-	      (expand-file-name name temporary-file-directory)
+-	    (make-temp-name
+-	     (expand-file-name "EMI" temporary-file-directory))))
++    (setq name (expand-file-name (if (and name (not (string= name "")))
++				     name
++				   (make-temp-name "EMI"))
++				 (make-temp-file "EMI" 'directory)))
+     (mime-write-entity-content entity name)
+     (message "External method is starting...")
+     (let ((process
+@@ -162,11 +161,12 @@
+ 
+ (defun mime-mailcap-method-sentinel (process event)
+   (let ((file (cdr (assq process mime-mailcap-method-filename-alist))))
+-    (if (file-exists-p file)
++    (when (file-exists-p file)
++      (ignore-errors
+ 	(delete-file file)
+-      ))
++	(delete-directory (file-name-directory file)))))
+   (remove-alist 'mime-mailcap-method-filename-alist process)
+-  (message (format "%s %s" process event)))
++  (message "%s %s" process event))
+ 
+ (defvar mime-echo-window-is-shared-with-bbdb
+   (module-installed-p 'bbdb)
+@@ -354,13 +354,24 @@
+ 	 (number (cdr (assoc "number" cal)))
+ 	 (total (cdr (assoc "total" cal)))
+ 	 file
+-	 (mother (current-buffer)))
++	 (mother (current-buffer))
++	 orig-modes (default-file-modes))
+     (or (file-exists-p root-dir)
+-	(make-directory root-dir))
++	(unwind-protect
++	    (progn
++	      (set-default-file-modes 448)
++	      (make-directory root-dir))
++	  (set-default-file-modes orig-modes)))
+     (setq id (replace-as-filename id))
+     (setq root-dir (concat root-dir "/" id))
++
+     (or (file-exists-p root-dir)
+-	(make-directory root-dir))
++	(unwind-protect
++	    (progn
++	      (set-default-file-modes 448)
++	      (make-directory root-dir))
++	  (set-default-file-modes orig-modes)))
++
+     (setq file (concat root-dir "/FULL"))
+     (if (file-exists-p file)
+ 	(let ((full-buf (get-buffer-create "FULL"))
+diff -u -r1.2.2.4 -r1.2.2.5
+--- pgg-pgp.el	26 Dec 2000 10:23:01 -0000	1.2.2.4
++++ pgg-pgp.el	15 May 2003 14:44:43 -0000	1.2.2.5
+@@ -68,9 +68,7 @@
+ 	    (luna-make-entity 'pgg-scheme-pgp))))
+ 
+ (defun pgg-pgp-process-region (start end passphrase program args)
+-  (let* ((errors-file-name
+-	  (concat temporary-file-directory
+-		  (make-temp-name "pgg-errors")))
++  (let* ((errors-file-name (make-temp-file "pgg-errors"))
+ 	 (args
+ 	  (append args
+ 		  pgg-pgp-extra-args
+@@ -192,8 +190,7 @@
+ 
+ (luna-define-method pgg-scheme-verify-region ((scheme pgg-scheme-pgp)
+ 					      start end &optional signature)
+-  (let* ((basename (expand-file-name "pgg" temporary-file-directory))
+-	 (orig-file (make-temp-name basename))
++  (let* ((orig-file (make-temp-file "pgg"))
+ 	 (args '("+verbose=1" "+batchmode" "+language=us"))
+ 	 (orig-mode (default-file-modes)))
+     (unwind-protect
+@@ -230,8 +227,7 @@
+ (luna-define-method pgg-scheme-snarf-keys-region ((scheme pgg-scheme-pgp)
+ 						  start end)
+   (let* ((pgg-pgp-user-id (or pgg-pgp-user-id pgg-default-user-id))
+-	 (basename (expand-file-name "pgg" temporary-file-directory))
+-	 (key-file (make-temp-name basename))
++	 (key-file (make-temp-file "pgg"))
+ 	 (args
+ 	  (list "+verbose=1" "+batchmode" "+language=us" "-kaf"
+ 		key-file)))
+diff -u -r1.37.2.9 -r1.37.2.11
+--- mime-edit.el	11 Nov 2002 05:15:10 -0000	1.37.2.9
++++ mime-edit.el	15 May 2003 14:44:42 -0000	1.37.2.11
+@@ -2605,11 +2606,7 @@
+ 	    (or (cdr (assq major-mode mime-edit-message-max-lines-alist))
+ 		mime-edit-message-default-max-lines))
+       )
+-  (let* ((mime-edit-draft-file-name
+-	  (or (buffer-file-name)
+-	      (make-temp-name
+-	       (expand-file-name "mime-draft" temporary-file-directory))))
+-	 (separator mail-header-separator)
++  (let* ((separator mail-header-separator)
+ 	 (id (concat "\""
+ 		     (replace-space-with-underline (current-time-string))
+ 		     "@" (system-name) "\"")))
diff --git a/app-emacs/semi/semi-1.14.5-r1.ebuild b/app-emacs/semi/semi-1.14.5-r1.ebuild
new file mode 100644
index 000000000000..8f385136fa2e
--- /dev/null
+++ b/app-emacs/semi/semi-1.14.5-r1.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-emacs/semi/semi-1.14.5-r1.ebuild,v 1.1 2003/07/13 10:03:40 usata Exp $
+
+inherit elisp 
+
+IUSE=""
+
+DESCRIPTION="a library to provide MIME feature for GNU Emacs -- SEMI"
+HOMEPAGE="http://cvs.m17n.org/elisp/SEMI/index.html.ja.iso-2022-jp"
+SRC_URI="ftp://ftp.m17n.org/pub/mule/semi/semi-1.14-for-flim-1.14/${P}.tar.gz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~alpha ~sparc ~ppc"
+
+DEPEND="virtual/emacs
+         >=app-emacs/apel-10.6
+         >=app-emacs/flim-1.14.5";
+#        >=virtual/flim-1.14
+
+PROVIDE="virtual/${P}"
+S="${WORKDIR}/${P}"
+
+src_unpack() {
+	unpack ${A}
+	cd ${S}
+	epatch ${FILESDIR}/${P}-gentoo.diff
+}
+
+src_compile() {
+	make PREFIX=${D}/usr \
+		LISPDIR=${D}/${SITELISP} \
+		VERSION_SPECIFIC_LISPDIR=${D}/${SITELISP} || die
+}
+
+src_install() {
+	make PREFIX=${D}/usr \
+		LISPDIR=${D}/${SITELISP} \
+		VERSION_SPECIFIC_LISPDIR=${D}/${SITELISP} install || die
+
+ 	elisp-site-file-install ${FILESDIR}/65semi-gentoo.el
+
+	dodoc README* ChangeLog VERSION NEWS
+}
+
+pkg_postinst() {
+	elisp-site-regen
+
+	einfo "Please unmerge another versions or variants, if installed."
+	einfo "You need to rebuild packages depending on ${PN}."
+}
+
+pkg_postrm() {
+	elisp-site-regen
+}
author	Mamoru Komachi <usata@gentoo.org>	2003-07-13 10:03:49 +0000
committer	Mamoru Komachi <usata@gentoo.org>	2003-07-13 10:03:49 +0000
commit	f17e37f9780c381e8f29db858d7d787ceabcbf59 (patch)
tree	0004fab2d4bd0b9a7e89297f99a875963d7cb647 /app-emacs/semi
parent	Fixed insecure temporary file creation (diff)
download	gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.tar.gz gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.tar.bz2 gentoo-2-f17e37f9780c381e8f29db858d7d787ceabcbf59.zip